changes related to lower environment

Naresh Thotakuri · Naresh Thotakuri · commit af90b4745127 · 2025-08-19T14:55:11.000Z
diff --git a/.github/workflows/pr-qa.yml b/.github/workflows/pr-qa.yml
@@ -0,0 +1,61 @@
+name: QA Pull Request
+
+on:
+  pull_request:
+    branches:
+      - qa  # Trigger PRs into the QA branch
+
+env:
+  ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Setup Python
+        uses: actions/setup-python@v5
+      - name: Format with Black
+        uses: psf/black@stable
+        with:
+          options: ". -l 79 --check"
+
+  test_container_builds:
+    name: Docker
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Log in to the Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.POLICYENGINE_DOCKER }}
+      - name: Build container
+        run: docker build -t ghcr.io/policyengine/policyengine-qa docker
+
+  test_env_vars:
+    name: Test environment variables
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Auth
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GCP_SA_KEY }}
+      - name: Install dependencies
+        run: make install
+      - name: Run environment variable tests
+        run: pytest tests/env_variables/test_environment_variables.py
+        env:
+          POLICYENGINE_GITHUB_MICRODATA_AUTH_TOKEN: ${{ secrets.POLICYENGINE_GITHUB_MICRODATA_AUTH_TOKEN }}
+          HUGGING_FACE_TOKEN: ${{ secrets.HUGGING_FACE_TOKEN }}
+          POLICYENGINE_DB_PASSWORD: ${{ secrets.POLICYENGINE_DB_PASSWORD_QA }}
diff --git a/.github/workflows/push-qa.yml b/.github/workflows/push-qa.yml
@@ -0,0 +1,68 @@
+name: Push QA
+
+on:
+  push:
+    branches:
+      - qa
+
+env:
+  ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
+
+concurrency:
+  group: deploy-qa
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Check formatting
+        uses: lgeiger/black-action@master
+        with:
+          args: ". -l 79 --check"
+
+  deploy:
+    name: Deploy QA API
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: GCP authentication
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: "${{ secrets.GCP_SA_KEY_QA }}"
+      - name: Set up GCloud
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          project_id: policyengine-api-qa
+      - name: Deploy to QA
+        run: make deploy
+        env:
+          POLICYENGINE_DB_PASSWORD: ${{ secrets.POLICYENGINE_DB_PASSWORD_QA }}
+          GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GCP_SA_KEY_QA }}
+          POLICYENGINE_GITHUB_MICRODATA_AUTH_TOKEN: ${{ secrets.POLICYENGINE_GITHUB_MICRODATA_AUTH_TOKEN }}
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+          HUGGING_FACE_TOKEN: ${{ secrets.HUGGING_FACE_TOKEN }}
+
+  docker:
+    name: Docker QA
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+      - name: Log in to the Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.POLICYENGINE_DOCKER }}
+      - name: Build QA container
+        run: docker build -t ghcr.io/policyengine/policyengine-qa docker
+      - name: Push QA container
+        run: docker push ghcr.io/policyengine/policyengine-qa
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,6 @@
 .venv
+/venv
+__pycache__
 **/__pycache__
 *.egg-info
 .pytest_cache
diff --git a/Makefile b/Makefile
@@ -28,6 +28,18 @@ deploy:
 	rm .gac.json
 	rm .dbpw
 
+deploy-qa:
+	python gcp/export.py
+	gcloud config set project your-qa-project-id           
+	gcloud config set app/cloud_build_timeout 2400
+	cp gcp/policyengine_api_qa/* .                         
+	y | gcloud app deploy --service-account=github-deployment@policyengine-api.iam.gserviceaccount.com
+	rm app.yaml
+	rm Dockerfile
+	rm .gac.json
+	rm .dbpw
+
+
 changelog:
 	build-changelog changelog.yaml --output changelog.yaml --update-last-date --start-from 0.1.0 --append-file changelog_entry.yaml
 	build-changelog changelog.yaml --org PolicyEngine --repo policyengine-api --output CHANGELOG.md --template .github/changelog_template.md
diff --git a/gcp/policyengine_api_qa/Dockerfile b/gcp/policyengine_api_qa/Dockerfile
@@ -0,0 +1,22 @@
+FROM policyengine/policyengine-api:latest
+
+ENV GOOGLE_APPLICATION_CREDENTIALS .gac.json
+ENV POLICYENGINE_DB_PASSWORD .dbpw
+ENV POLICYENGINE_GITHUB_MICRODATA_AUTH_TOKEN .github_microdata_token
+ENV ANTHROPIC_API_KEY .anthropic_api_key
+ENV OPENAI_API_KEY .openai_api_key
+ENV HUGGING_FACE_TOKEN .hugging_face_token
+ENV CREDENTIALS_JSON_API_V2 .credentials_json_api_v2
+
+WORKDIR /app
+
+# Copy application
+ADD . /app
+
+# Make start.sh executable
+RUN chmod +x /app/start.sh
+
+RUN cd /app && make install && make test
+
+# Use full path to start.sh
+CMD ["/bin/sh", "/app/start.sh"]
diff --git a/gcp/policyengine_api_qa/app.yml b/gcp/policyengine_api_qa/app.yml
@@ -0,0 +1,24 @@
+runtime: custom
+env: flex
+resources:
+  cpu: 2
+  memory_gb: 12
+  disk_size_gb: 16
+automatic_scaling:
+  min_num_instances: 1
+  max_num_instances: 1
+  cool_down_period_sec: 180
+  cpu_utilization:
+    target_utilization: 0.8
+liveness_check:
+  path: "/liveness-check"
+  check_interval_sec: 30
+  timeout_sec: 30
+  failure_threshold: 5
+  success_threshold: 2
+runtime_config:
+  operating_system: "ubuntu22"
+  runtime_version: "22"
+readiness_check:
+  path: "/readiness-check"
+  app_start_timeout_sec: 600
diff --git a/gcp/policyengine_api_qa/start.sh b/gcp/policyengine_api_qa/start.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+# Environment variables
+PORT="${PORT:-8080}"
+WORKER_COUNT="${WORKER_COUNT:-3}"
+REDIS_PORT="${REDIS_PORT:-6379}"
+
+# Start the API
+gunicorn -b :"$PORT" policyengine_api.api --timeout 300 --workers 5 &
+
+# Start Redis with configuration for multiple clients
+redis-server --protected-mode no \
+             --maxclients 10000 \
+             --timeout 0 &
+
+# Wait for Redis to be ready
+sleep 2
+
+# Start multiple workers using POSIX-compliant loop
+i=1
+while [ $i -le "$WORKER_COUNT" ]
+do
+    echo "Starting worker $i..."
+    python3 policyengine_api/worker.py &
+    i=$((i + 1))
+done
+
+# Keep the script running and handle shutdown gracefully
+trap "pkill -P $$; exit 1" INT TERM
+
+wait
